Black Hat: If it ain't broke, it's just a matter of time

By William Jackson

Jul 25, 2012

LAS VEGAS — Government IT professionals attending this week’s Black Hat Briefings will get a look at new research ranging from the security of Windows and Apple operating systems to vulnerabilities in industrial control systems and mobile devices.

This year’s briefings feature seven technical tracks and two workshop tracks with more than 250 presenters, not to mention keynotes each day. Presenters are scheduled to release 36 tools and reveal 17 zero-day exploits, and conference organizers still did not get everything in.

“We had more content submitted this year than we have ever seen before,” said Black Hat General Manager Trey Ford. Four or five presentations were rejected for every one accepted.

Black Hat, being held July 25 and 26 at Caesars Palace, is a tech-heavy conference focused on breaking things (one of this year’s tracks is called “Breaking Things”) rather than on defense (although there also is a track on “Defense”).

On the government side, recently retired FBI executive assistant director Shawn Henry, who headed cyber criminal investigations at the bureau, will deliver the opening keynote on the threats facing today’s networks. Mark Weatherford, head of the Homeland Security Department’s National Protection and Programs Directorate, will give a talk on research and training opportunities at DHS.

Agencies facing the challenges of enabling mobility and of employees bringing their own devices into the enterprise will get a look at the security status of these devices.

“There is a huge emphasis on mobile this year,” Ford said. “The cell phone is now a full-fledged computer.” Mobile gets its own track in which cellular protocols and reverse engineering of microcells are examined.

The operating systems underlying many devices also will get a close examination, including Apple’s iOS mobile operating system in a highly anticipated first-time presentation from Apple.

“Apple has never spoken in public about security,” Ford said. But this year the company submitted a talk on iOS security by Dallas De Atley, manager of Apple’s platform security team.

There also is a talk on "The Dark Art of iOS Application Hacking," by Jonathan Zdziarski, senior forensic scientist at the security firm viaForensics. He will look at how iOS applications are infected, how objects are manipulated and abused, and other ways to steal data from the devices.

Microsoft does not get ignored, and Chris Valasek of Coverity and Tarjei Mandt of Azimuth Security are giving a talk on “Windows 8 Heap Internals.” They have been banging away on the next version of the OS since the release of the Consumer Preview in September. They will be looking at how techniques for exploit mitigations are transitioning from Windows 7 to Windows 8, at both the user and kernel level.

Critical infrastructure also is being examined, with looks at backdoors in industrial firmware by Ruben Santamarta of IOActive Labs and smart meter vulnerabilities by Don C. Weber of InGuardians.

Weber originally was scheduled to give his talk on smart meters at ShmooCon in January, but it was cancelled because of concern by equipment vendors and utilities. “We have worked with them,” Weber said. “They should be OK with this . . . .” But last-minute cancellations, voluntary and otherwise, are not unheard of at Black Hat.

JavaScript exploits and SCADA vulnerabilities also will be discussed and are expected to remain hot areas of research for the foreseeable future, Ford said. “It’s going to stay relevant in this space for another five years, minimum,” he said.

And just for fun, best-selling author Neal Stephenson will be interviewed for the July 26 keynote. If you don’t know who he is (“Cryptonomicon,” “Snow Crash,” “Reamde”), trust me, he’s a big deal with the kind of people who come to Black Hat.